Thursday, June 26, 2008

Using Linux to scan and remove viruses from a Windows computer

A common problem with viruses is that they are often extremely difficult to remove. Most of the time, you can easily tell that there is something strange about your Windows box (apart from the usual Windows behaviour, that is :D), so you run a virus scan and indeed confirm your worry that you have been infected. But what is your antivirus application worth if it is unable to remove the virus, not to mention detect it in the first place?! Often, you need to find a dedicated mini-application that removes a particular virus, but if you can't, you're screwed.

The following is a recipe that works:
1. Install Ubuntu 8.04 (Hardy Heron) Persistent on a USB stick (see this guide, and read my reasons why)
2. Install antivirus applications on the Ubuntu system on the USB stick.
  • Avast Antivirus is easy to install (.deb available) and is free but requires email registration for a key (no spam).
  • Clam Antivirus is free and also available from repositories (enable universe). If you prefer a graphical user interface (GUI), also install clamtk using Synaptic.
  • AVG Anti-Virus Free for Linux/FreeBSD 7.5.50 is not their latest release but might do the job.
  • Trend Micro HouseCall is a free online scanning service. Linux distributions must support libc6.
3. Make sure the antivirus applications and virus definitions are all updated.
4. Boot up Ubuntu on the infected Windows computer using your USB stick. You may have to enter the BIOS setup to change the boot order to boot from USB before booting from the (Windows) hard drive.
5. Launch an antivirus application in Ubuntu and tell it to scan the directory /media, where the Windows partitions should have been automounted as /media/disk, /media/disk-1, etc. at boot time.

(Note: I have only tried Avast and Clam. I noted that Clam seemed to be unresponsive upon starting a scan, but after 30 seconds or so started scanning.)
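
For step 5 with Clam from the command line, a report-first scan looks like the following. This is an added example, not part of the original recipe; it assumes clamscan and freshclam are installed, and the log and quarantine paths are hypothetical.

```shell
#!/bin/sh
# Added example: report-first ClamAV scan of Windows partitions mounted under /media.
# Assumed (hypothetical) paths: LOG and QUARANTINE live on the USB stick, not the Windows disk.
MEDIA_ROOT="${MEDIA_ROOT:-/media}"
LOG="${LOG:-${HOME:-/tmp}/windows-scan.log}"
QUARANTINE="${QUARANTINE:-${HOME:-/tmp}/quarantine}"

# Print the path of every file a clamscan log marks as infected.
# clamscan reports a hit as "<path>: <signature> FOUND"; the greedy match
# keeps paths that themselves contain ": " intact.
infected_paths() {
    sed -n 's/^\(.*\): .* FOUND$/\1/p' "$1"
}

# clamscan exit status: 0 = no virus found, 1 = virus(es) found, 2 = error.
describe_status() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Pass 1: scan only. Without --remove or --move nothing on the Windows disk changes,
# so false positives on system files can be reviewed before any action is taken.
report_scan() {
    freshclam || echo "warning: virus definitions were not updated" >&2
    : > "$LOG"    # clamscan appends to its log, so start from an empty file
    clamscan --recursive --infected --log="$LOG" "$MEDIA_ROOT"
    status=$?
    echo "Scan result: $(describe_status "$status")"
    infected_paths "$LOG"
    return "$status"
}

# Pass 2: after reviewing the report, move hits off the Windows disk instead of deleting them.
quarantine_scan() {
    mkdir -p "$QUARANTINE"
    clamscan --recursive --infected --move="$QUARANTINE" "$MEDIA_ROOT"
}

case "${1:-}" in
    report)     report_scan ;;
    quarantine) quarantine_scan ;;
esac
```

Run it with the argument report first and read the list of hits, then with quarantine once you are satisfied the hits are not Windows system files flagged by mistake. freshclam usually needs root to write the definition database.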

When you have successfully cleaned your mom's/dad's/friend's computer, lend them your USB stick (with all the usual snacks like Compiz Fusion/the 3D cube, OpenOffice, Opera 9.5 with email set up, Amarok, VLC player etc.) and tell them that anything they can accomplish in Windows (well, perhaps with the exception of premium video editing suites such as Adobe Premiere Pro) they can do with free software in a virus-free Linux environment!
